MCP Configuration
Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.
Best use case
MCP Configuration is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.
Teams using MCP Configuration should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/mcp-config/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How MCP Configuration Compares
| Feature / Agent | MCP Configuration | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Connect to external tools and services via Model Context Protocol. Use this skill when an MCP server connection is needed or a new tool integration is requested.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Skill: MCP Configuration
## Metadata
| Field | Value |
|-------|-------|
| **Skill ID** | SKL-0022 |
| **Version** | 1.0 |
| **Owner** | deployer |
| **Inputs** | Task description, STATE.md, existing .mcp.json |
| **Outputs** | .mcp.json, STATE.md updated |
| **Triggers** | `TOOL_CONNECTION_REQUESTED`, `MCP_SERVER_NEEDED` |
---
## Purpose
Configure Claude Code's `.mcp.json` to connect the project to external tools (GitHub, Notion, Slack, databases, etc.) via MCP servers. This is framework-level wiring — not application code that calls these services.
---
## Transport Defaults
| Context | Transport | Example |
|---------|-----------|---------|
| Local npm/Docker server | stdio | GitHub MCP, Postgres MCP |
| Remote cloud API | HTTP | Notion OAuth, Linear OAuth |
**Never use SSE transport** — deprecated and removed in Claude Code v2.0.9+.
---
## Server Defaults Table
| Service | Package / Endpoint | Transport | Credentials |
|---------|-------------------|-----------|-------------|
| GitHub | `@github/github-mcp-server` | stdio | `GITHUB_PERSONAL_ACCESS_TOKEN` |
| Notion (OAuth) | `https://mcp.notion.com/mcp` | HTTP | OAuth browser flow |
| Notion (API key) | `@notionhq/notion-mcp-server` | stdio | `NOTION_TOKEN` |
| Slack | `zencoderai/slack-mcp-server` | stdio | `SLACK_BOT_TOKEN`, `SLACK_TEAM_ID` |
| Linear | `https://mcp.linear.app/mcp` | HTTP | OAuth browser flow |
| PostgreSQL | `@modelcontextprotocol/server-postgres` | stdio | `POSTGRES_CONNECTION_STRING` |
| Supabase | `@modelcontextprotocol/server-supabase` | stdio | `SUPABASE_URL`, `SUPABASE_ANON_KEY` |
| Filesystem | `@modelcontextprotocol/server-filesystem` | stdio | none |
| Brave Search | `brave/brave-search-mcp-server` | stdio | `BRAVE_API_KEY` |
> If service not in this table, consult Explorer agent to research the correct server.
---
## Procedure
1. **Clarify what to connect:**
- Which service(s)?
- What capabilities needed? (read issues, write pages, query tables)
- Project scope (committed) or local scope (developer-only)?
2. **Read existing .mcp.json** — preserve all existing server entries.
3. **Build config block** using transport defaults:
- stdio: `"command": "npx", "args": ["-y", "<package>"], "env": {"<VAR>": "${<VAR>}"}`
- HTTP: `"type": "http", "url": "<endpoint>"`
- HTTP+OAuth: `"type": "http", "url": "<endpoint>"` (no token needed)
4. **Write updated .mcp.json** — merge new server with existing servers.
5. **Provide credential setup instructions:**
- Export block for each `${ENV_VAR}` referenced.
- Link to where the user obtains each token.
6. **Verify connection** via `claude mcp list` and `/mcp` command.
7. **Log to STATE.md** under Active MCP Integrations section.
---
## Common Errors
| Error | Cause | Fix |
|-------|-------|-----|
| `Connection closed` / `MCP error -32000` | Windows: npx can't run directly | Change to `"command": "cmd"`, prefix args with `"/c", "npx"` |
| `spawn npx ENOENT` | npx not in PATH | Use absolute path or fix shell PATH |
| Server not in `claude mcp list` | .mcp.json in wrong location | Must be at project root |
| Silent no-op | JSON syntax error | Validate with JSON linter |
---
## Constraints
- Never store raw secrets in .mcp.json — always use `${ENV_VAR}` expansion
- Never overwrite existing .mcp.json without reading and preserving existing servers
- Never configure SSE transport
- Never add servers the user hasn't requested
- Always use project scope for team-shared servers
---
## Primary Agent
deployer
---
## Definition of Done
- [ ] Requested MCP server(s) configured in .mcp.json
- [ ] All credentials use ${ENV_VAR} expansion (no raw secrets)
- [ ] Existing servers preserved
- [ ] Credential setup instructions provided
- [ ] Connection verified via `claude mcp list`
- [ ] STATE.md updated with Active MCP Integrations
## Output Contract
| Field | Value |
|-------|-------|
| **Artifacts** | `.mcp.json` (created or updated at project root) |
| **State Update** | `.claude/project/STATE.md` — mark task complete, log Active MCP Integrations |
| **Handoff Event** | `TASK_COMPLETED` (MCP server configured) |Related Skills
Supply Chain Audit
Audit the dependency supply chain for security risks beyond what `npm audit` or `pip audit` catches. Analyzes dependency health, maintainer trust signals, typosquatting risk, and transitive dependency exposure.
SEO Audit
Audit web pages for search engine optimization: meta tags, heading hierarchy, structured data, image optimization, mobile-friendliness, and content quality. Complements SKL-0013 (Growth & Distribution) by validating what was built.
Pitch Deck
Create a structured pitch deck outline for investors, stakeholders, or partners. Covers problem, solution, market, traction, team, and ask. Natural output after PRD + Problem Stress Test validation.
Launch Checklist
Pre-launch validation covering everything deployment (SKL-0021) doesn't: analytics, error tracking, social meta, legal pages, email setup, DNS, SSL, and go-live readiness. Produces a launch readiness report with pass/fail checklist. Use this skill before going live on any project.
Insecure Defaults Detection
Detect insecure default configurations, hardcoded credentials, fail-open security patterns, and dangerous default values in application code and configuration files. Complements SKL-0015 (Security Audit) by focusing on configuration-level vulnerabilities that dependency scanners miss.
Differential Security Review
Security-focused review of code changes using git diff analysis. Identifies security implications of recent modifications — new attack surfaces, removed protections, changed auth logic, and risky refactors. Complements SKL-0016 (Code Review) with a security lens on diffs.
Copywriting
Write conversion-focused copy using proven frameworks (AIDA, PAS, BAB). Produces headlines, CTAs, landing page copy, email sequences, and micro-copy. Ensures copy matches brand voice and target audience.
Competitor Analysis
Structured competitor research: features, pricing, positioning, gaps, and differentiation strategy. Feeds into PRD Writing (SKL-0004) and Problem Stress Test (SKL-0027) with better market context.
UX Design
Design user experiences including wireframes, flows, and interaction patterns. Use this skill when UX design work is requested, including onboarding flows and interface layouts.
User Acceptance Testing
Structured QA testing with four modes: diff-aware (auto-scoped to branch changes), full (systematic exploration), quick (30-second smoke test), and regression (compare against baseline). Produces health score, structured reports, and actionable bug lists. Use this skill when UAT is requested or a feature is ready for acceptance testing.
Token Audit
Audit the current project for token waste patterns. Produces a Token Health Report with scored findings and actionable fixes. Use this skill when token usage feels high, sessions are hitting limits, or before optimizing costs.
Test Writing
Write automated tests for existing or new functionality. Use this skill when tests are requested, including unit tests, integration tests, and end-to-end tests.